<!DOCTYPE HTML>
<?php 
	session_start(); 
	
	if(isset($_SESSION['id'], $_SESSION['vorname'], $_SESSION['name'])){
		$id = $_SESSION['id'];
		$vorname = $_SESSION['vorname'];
		$name = $_SESSION['name'];
	}

?>
<html>

<head>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<link href='./images/favicon.ico' rel='shortcut icon' type='image/png'>
<link rel="stylesheet" type="text/css" href="./css/index.css">
<title>News</title>
</head>


<body id="fondo">
<div id="cuerpo">
<fieldset style="width: 1000px; color: #FFF;";>
    <?php
        include 'header.php';
    ?>
<div id="subcuerpo">
	<form method="POST" action="add_news.php">
	<table id="new_add" >
		<tr><td>To rank:</td><td><select name="rank_list"> <?php load_ranks();?></select>
		</td></tr>
		<tr><td>Description:</td> <td><textarea name="descrip" cols="40" rows="5"></textarea></td></tr>
		<tr> <td></td> <td><input type="submit" name="submit" value="Save"></td> </tr>
	</table>
	</form>
</div>
<?php load_news(); ?>



	<?php
		include 'footer.php';
	?>
</fieldset>
</div>
</body>
<?php
function load_ranks(){
	$link = mysqli_connect('localhost', 'root', '') or die("Failed to connect to MySQL: " . 
                mysql_error());
	$sql = "USE web_db";
	$query = mysqli_query($link,$sql);
	$sql = "SELECT *
			FROM rank
			WHERE rank_nr<999";
	$query = mysqli_query($link,$sql);
	while($row = mysqli_fetch_row($query)){
			echo "<option value='$row[0]'>$row[1]</option>";
	}
}

function load_news(){
	$link = mysqli_connect('localhost', 'root', '') or die("Failed to connect to MySQL: " . mysql_error());
	if (mysqli_connect_errno()) {
        echo 'Failed to connect to MySQL';
        exit;
	}
	$sql = "USE web_db";
	$resultado = mysqli_query($link,$sql);
	
	$news = get_news($link);
		
	while($row = mysqli_fetch_row($news)){
		echo "<hr>";
		echo "<table class='news'>";
		echo "<tr>";
		echo "<td width='150px'>"; echo "<h2>"; echo $row[1]; echo "</h2>"; echo "</td><td text-align:left>";
					 echo "-To: "; RankName($row[3]) ;
		echo "</tr>";
		echo "<tr>"; echo "<td colspan='2'><p id='$row[0]'>$row[2]</p>"; echo "</td>"; echo "</tr>";
		echo "<form name='borrar' method='POST' action='erase.php'>".
        "<input type='hidden' name='erase_id' value='$row[0]' />".
        "<input type='hidden' name='selected' value='news'/>";
		echo "<tr><td>"."<input type='submit' value='Delete'/></td></tr>";
		echo "</form>";
		echo "</table>";

	}
}

function get_news($link){
	$sql = "SELECT * FROM news";
	$resultado = mysqli_query($link,$sql);
		
	return $resultado;
}

function RankName($rank) {
		$sql = "USE web_db";
		$link = mysqli_connect('localhost', 'root', '') or die("Failed to connect to MySQL: " . 
				mysql_error());
		$result = mysqli_query($link,$sql);

		$sql = "SELECT workstation FROM rank WHERE rank_nr=$rank";
		$result = mysqli_query($link,$sql);

		$row = mysqli_fetch_row($result);
		echo $row[0];
}
?>

<script type="text/javascript">

var editing  = false;

if (document.getElementById && document.createElement) {
	var butt = document.createElement('BUTTON');
	var buttext = document.createTextNode('Save');
	butt.appendChild(buttext);
	butt.onclick = saveEdit;
}

function catchIt(e) {
	if (editing) return;
	if (!document.getElementById || !document.createElement) return;
	if (!e) var obj = window.event.srcElement;
	else var obj = e.target;
	while (obj.nodeType != 1) {
		obj = obj.parentNode;
	}
	if (obj.tagName == 'TEXTAREA' || obj.tagName == 'A') return;
	while (obj.nodeName != 'P' && obj.nodeName != 'HTML') {
		obj = obj.parentNode;
	}
	if (obj.nodeName == 'HTML') return;
	var x = obj.innerHTML;
	var ide = obj.id;
	var y = document.createElement('TEXTAREA');
	var z = obj.parentNode;
	z.insertBefore(y,obj);
	z.insertBefore(butt,obj);
	z.removeChild(obj);
	y.value = x;
	y.id = ide;
	y.focus();
	editing = true;
}

function saveEdit() {
	var area = document.getElementsByTagName('TEXTAREA')[0];
	var y = document.createElement('P');
	var z = area.parentNode;
	y.innerHTML = area.value;
	z.insertBefore(y,area);
	z.removeChild(area);
	z.removeChild(document.getElementsByTagName('button')[0]);
	editing = false;
	post_to_url('update_news.php', {'desc': y.innerHTML, 'new':area.id});
}

function post_to_url(path, params, method) {
    method = method || "post"; // Set method to post by default if not specified.

    // The rest of this code assumes you are not using a library.
    // It can be made less wordy if you use one.
    var form = document.createElement("form");
    form.setAttribute("method", method);
    form.setAttribute("action", path);

    for(var key in params) {
        if(params.hasOwnProperty(key)) {
            var hiddenField = document.createElement("input");
            hiddenField.setAttribute("type", "hidden");
            hiddenField.setAttribute("name", key);
            hiddenField.setAttribute("value", params[key]);

            form.appendChild(hiddenField);
         }
    }

    document.body.appendChild(form);
    form.submit();
}
document.onclick = catchIt;
</script>
